• The Four Hundred
  • Security and Auditing Breakthrough Gives Cilasoft Compliance Advantage

    May 25, 2010 Dan Burger

    Underestimating security issues and being unaware of the technology that makes systems more secure can be the dog you never thought would bite you until it did. The loss of sensitive data can hurt in many different ways. Regulatory compliance mandates have forced some IBM i-based companies to think about this, and software companies like Cilasoft are crafting new technology that can help. Cilasoft’s database monitoring software is a good example.

    The IBM i is not as secure as most people think. It’s a bank vault compared to some well-known and more vulnerable systems, but the system and its operators have their weaknesses.

    If you are familiar with the system, you understand it is possible to track and collect database modifications related to adds, changes, and deletes to a DB2 table. What the system can’t identify is who is looking at data, and that’s a security breach that could be costly. Even though compliance standards have regulations in place for encryption of certain information (credit card numbers and Social Security numbers are two important pieces of info), much data remains visible to those who seek it.

    “From a privacy law standpoint, this is huge,” says Dan Riehl, the head of U.S. operations for the French company that’s looking to make a name for itself in the United States. “Cilasoft’s Database View Monitor for i is the only commercial product in the System i arena that does this. The PCI Data Security Standard, as one example, says you need to trace access to sensitive information, audit it, and report on it.”

    Riehl says there is a big hole in privacy and security of private information. As examples of compromised data that can affect a company, he notes that employees can access payroll information and production records.

    Cilasoft’s Database View Monitor identifies–by auditing the object–when files are accessed. It provides record-level information such as who the user was, what workstation was being used, what program was used to access the record, and the date and time the access occurred. It’s the same type of information that’s been available in logs that monitor add, change, and delete events.

    Riehl says he’s been eagerly awaiting this product since hearing of the plans and design more than a year ago. He calls the tool “long overdue” for the IBM i market.

    One of the common goals of most regulatory compliance standards is to make sure certain data is encrypted. Riehl says a lot of companies haven’t gotten to that point yet.

    “When they do,” he says, “there will still be a need to see the access to sensitive data. Even if someone can’t read the encrypted data, because they don’t have the encryption key, there is other information with it–name, address, phone, and other private information.”

    Regardless of whether the data is unencrypted, encrypted, or decrypted, companies will still want to identify records that have been accessed, Riehl says. And now that technology makes this available on the IBM i, he says auditors will ask that the technology be applied, as it is being done on other platforms.

    “It’s not a big technical challenge to build a tool to monitor database ‘view record’ events on the i, but it is a huge challenge to build this tool in such an intelligent way that the performance metrics don’t outweigh the great benefit of the tool,” Riehl noted. “The development group at Cilasoft has tuned the performance of this software to the max.”

    Database View Monitor joins the newly upgraded Cilasoft Security Suite 5.0, which includes the products QJRN/400 and CONTROLER. The latest enhancements improve security, usability, and functionality, and the suite is compatible with the latest version of the IBM i/OS, which is 7.1.

    QJRN/400 is used for auditing database changes and for monitoring and reporting on events from the security audit journal (QAUDJRN) and other system journals. It has customizable filtering capabilities and an array of reporting and alerting capabilities.

    New reporting options include PDF output with customizable graphics, encryption, and password protection. It also has a colorized highlighter feature that allows selected fields within a report to be emphasized.

    In terms of new reporting and alerting features, QJRN/400 now has a pop-up window alert and a more secure method of sending reports via FTP. Reporting on security-related and database events in the SYSLOG format also has been updated and enhanced to allow system monitoring through a stand-alone SYSLOG console or enterprise event console.

    Cilasoft’s CONTROLER product provides customizable auditing and granular control of network transactions through FTP, ODBC, file transfer, DDM, and remote command. The company says it goes beyond the capabilities of standard exit program software because it monitors and controls the use of all Control Language commands and enforces rules for all command parameter usage. CONTROLER can also monitor and control the use of all SQL database access using tools like STRSQL, RUNSQLSTM, RUNQRY, and ODBC.

    Cilasoft also claims that CONTROLER is the only commercial exit point solution for the System i that can effectively audit and control Distributed Relational Database Access (DRDA) transactions across systems. According to Cilasoft, other exit point software packages only monitor the DRDA “Connect” function. CONTROLER audits and controls the entire DRDA session, including all SQL statements run during a DRDA connection.

    Riehl says Cilasoft is unique because it makes auditing and controlling interfaces highly customizable, yet doesn’t require a System i technical expert to configure them in order to get the monitoring and protection required in today’s heavily regulated environments. He notes that the version 5 release has extended the number of exit points that are covered.

    Database View Monitor for i, QJRN/400 version 5, and CONTROLER version 5 are all generally available. Each product is licensed separately, but is designed to work as an integrated environment. The product pricing is tier-based and begins at approximately $7,000 for use on a P05 box.

    Cilasoft originally developed its products in response to policies and procedures dictated by the International Monetary Fund. They are certified as “IBM Server Proven” and Cilasoft is an Advanced IBM Business Partner. The company has a network of international sales partners and has customers in more than 45 countries.

    For more information, visit www.cilasoft.com.

Volume 10, Number 20 -- May 25, 2010